fail2ban vs. logrotate
Andre Speelmans
fedora-list at cosiso.nl
Tue Oct 25 05:23:04 UTC 2011
> It sounds like fail2ban still has the old log file open. You need to
> have logrotate tell fail2ban that the log file has changed.
Change the config file for logrotate so that it does not create a new
file, but that it uses copy-and-truncate. The exact syntax is easily
found in the man-page.
> Logrotate already does this will other services when it rotates
> their log file. I am surprised the .rpm did not include the files
> for logrotate to automatically sent the proper signal to fail2ban.
/var/log/secure is not a daemon specific file, but a general log-file
and as such does not have a (daemon-) specific rpm. And a general file
can't send signals to all kinds of daemons that may, or may not run on
a system.
More information about the users
mailing list